2 * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
12 #include "acl/AdaptationService.h"
13 #include "acl/AdaptationServiceData.h"
15 #include "acl/AllOf.h"
16 #include "acl/AnnotateClient.h"
17 #include "acl/AnnotateTransaction.h"
18 #include "acl/AnnotationData.h"
19 #include "acl/AnyOf.h"
22 #include "acl/Eui64.h"
25 #include "acl/AtStep.h"
26 #include "acl/AtStepData.h"
29 #include "acl/Checklist.h"
30 #include "acl/ConnectionsEncrypted.h"
32 #include "acl/DestinationAsn.h"
33 #include "acl/DestinationDomain.h"
34 #include "acl/DestinationIp.h"
35 #include "acl/DomainData.h"
36 #if USE_LIBNETFILTERCONNTRACK
37 #include "acl/ConnMark.h"
40 #include "acl/ExtUser.h"
42 #include "acl/FilledChecklist.h"
43 #include "acl/forward.h"
44 #include "acl/Gadgets.h"
45 #include "acl/HasComponent.h"
46 #include "acl/HasComponentData.h"
47 #include "acl/HierCode.h"
48 #include "acl/HierCodeData.h"
49 #include "acl/HttpHeaderData.h"
50 #include "acl/HttpRepHeader.h"
51 #include "acl/HttpReqHeader.h"
52 #include "acl/HttpStatus.h"
53 #include "acl/IntRange.h"
55 #include "acl/LocalIp.h"
56 #include "acl/LocalPort.h"
57 #include "acl/MaxConnection.h"
58 #include "acl/Method.h"
59 #include "acl/MethodData.h"
60 #include "acl/MyPortName.h"
62 #include "acl/NoteData.h"
63 #include "acl/PeerName.h"
64 #include "acl/Protocol.h"
65 #include "acl/ProtocolData.h"
66 #include "acl/Random.h"
67 #include "acl/RegexData.h"
68 #include "acl/ReplyHeaderStrategy.h"
69 #include "acl/ReplyMimeType.h"
70 #include "acl/RequestHeaderStrategy.h"
71 #include "acl/RequestMimeType.h"
72 #include "acl/SourceAsn.h"
73 #include "acl/SourceDomain.h"
74 #include "acl/SourceIp.h"
75 #include "acl/SquidError.h"
76 #include "acl/SquidErrorData.h"
78 #include "acl/Certificate.h"
79 #include "acl/CertificateData.h"
80 #include "acl/ServerName.h"
81 #include "acl/SslError.h"
82 #include "acl/SslErrorData.h"
84 #include "acl/Strategised.h"
85 #include "acl/Strategy.h"
86 #include "acl/StringData.h"
88 #include "acl/ServerCertificate.h"
92 #include "acl/TimeData.h"
93 #include "acl/TransactionInitiator.h"
95 #include "acl/UrlLogin.h"
96 #include "acl/UrlPath.h"
97 #include "acl/UrlPort.h"
98 #include "acl/UserData.h"
100 #include "auth/AclMaxUserIp.h"
101 #include "auth/AclProxyAuth.h"
103 #include "base/RegexPattern.h"
104 #include "ExternalACL.h"
106 #include "ident/AclIdent.h"
109 #include "snmp_core.h"
112 // Not in src/acl/ because some of the ACLs it registers are not in src/acl/.
116 /* the registration order does not matter */
118 // The explicit return type (ACL*) for lambdas is needed because the type
119 // of the return expression inside lambda is not ACL* but AclFoo* while
120 // Acl::Maker is defined to return ACL*.
122 RegisterMaker("all-of", [](TypeName
)->ACL
* { return new Acl::AllOf
; }); // XXX: Add name parameter to ctor
123 RegisterMaker("any-of", [](TypeName
)->ACL
* { return new Acl::AnyOf
; }); // XXX: Add name parameter to ctor
124 RegisterMaker("random", [](TypeName name
)->ACL
* { return new ACLRandom(name
); });
125 RegisterMaker("time", [](TypeName name
)->ACL
* { return new ACLStrategised
<time_t>(new ACLTimeData
, new ACLTimeStrategy
, name
); });
126 RegisterMaker("src_as", [](TypeName name
)->ACL
* { return new ACLStrategised
<Ip::Address
>(new ACLASN
, new ACLSourceASNStrategy
, name
); });
127 RegisterMaker("dst_as", [](TypeName name
)->ACL
* { return new ACLStrategised
<Ip::Address
>(new ACLASN
, new ACLDestinationASNStrategy
, name
); });
128 RegisterMaker("browser", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLRequestHeaderStrategy
<Http::HdrType::USER_AGENT
>, name
); });
129 RegisterMaker("dstdomain", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLDomainData
, new ACLDestinationDomainStrategy
, name
); });
130 RegisterMaker("dstdom_regex", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLDestinationDomainStrategy
, name
); });
131 RegisterMaker("dst", [](TypeName
)->ACL
* { return new ACLDestinationIP
; }); // XXX: Add name parameter to ctor
132 RegisterMaker("hier_code", [](TypeName name
)->ACL
* { return new ACLStrategised
<hier_code
>(new ACLHierCodeData
, new ACLHierCodeStrategy
, name
); });
133 RegisterMaker("rep_header", [](TypeName name
)->ACL
* { return new ACLStrategised
<HttpHeader
*>(new ACLHTTPHeaderData
, new ACLHTTPRepHeaderStrategy
, name
); });
134 RegisterMaker("req_header", [](TypeName name
)->ACL
* { return new ACLStrategised
<HttpHeader
*>(new ACLHTTPHeaderData
, new ACLHTTPReqHeaderStrategy
, name
); });
135 RegisterMaker("http_status", [](TypeName name
)->ACL
* { return new ACLHTTPStatus(name
); });
136 RegisterMaker("maxconn", [](TypeName name
)->ACL
* { return new ACLMaxConnection(name
); });
137 RegisterMaker("method", [](TypeName name
)->ACL
* { return new ACLStrategised
<HttpRequestMethod
>(new ACLMethodData
, new ACLMethodStrategy
, name
); });
138 RegisterMaker("localip", [](TypeName
)->ACL
* { return new ACLLocalIP
; }); // XXX: Add name parameter to ctor
139 RegisterMaker("localport", [](TypeName name
)->ACL
* { return new ACLStrategised
<int>(new ACLIntRange
, new ACLLocalPortStrategy
, name
); });
140 RegisterMaker("myportname", [](TypeName name
)->ACL
* { return new ACLStrategised
<const char *>(new ACLStringData
, new ACLMyPortNameStrategy
, name
); });
141 RegisterMaker("peername", [](TypeName name
)->ACL
* { return new ACLStrategised
<const char *>(new ACLStringData
, new ACLPeerNameStrategy
, name
); });
142 RegisterMaker("peername_regex", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLPeerNameStrategy
, name
); });
143 RegisterMaker("proto", [](TypeName name
)->ACL
* { return new ACLStrategised
<AnyP::ProtocolType
>(new ACLProtocolData
, new ACLProtocolStrategy
, name
); });
144 RegisterMaker("referer_regex", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLRequestHeaderStrategy
<Http::HdrType::REFERER
>, name
); });
145 RegisterMaker("rep_mime_type", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLReplyHeaderStrategy
<Http::HdrType::CONTENT_TYPE
>, name
); });
146 RegisterMaker("req_mime_type", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLRequestHeaderStrategy
<Http::HdrType::CONTENT_TYPE
>, name
); });
147 RegisterMaker("srcdomain", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLDomainData
, new ACLSourceDomainStrategy
, name
); });
148 RegisterMaker("srcdom_regex", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLSourceDomainStrategy
, name
); });
149 RegisterMaker("src", [](TypeName
)->ACL
* { return new ACLSourceIP
; }); // XXX: Add name parameter to ctor
150 RegisterMaker("url_regex", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLUrlStrategy
, name
); });
151 RegisterMaker("urllogin", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLUrlLoginStrategy
, name
); });
152 RegisterMaker("urlpath_regex", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLUrlPathStrategy
, name
); });
153 RegisterMaker("port", [](TypeName name
)->ACL
* { return new ACLStrategised
<int>(new ACLIntRange
, new ACLUrlPortStrategy
, name
); });
154 RegisterMaker("external", [](TypeName name
)->ACL
* { return new ACLExternal(name
); });
155 RegisterMaker("squid_error", [](TypeName name
)->ACL
* { return new ACLStrategised
<err_type
>(new ACLSquidErrorData
, new ACLSquidErrorStrategy
, name
); });
156 RegisterMaker("connections_encrypted", [](TypeName name
)->ACL
* { return new Acl::ConnectionsEncrypted(name
); });
157 RegisterMaker("tag", [](TypeName name
)->ACL
* { return new ACLStrategised
<const char *>(new ACLStringData
, new ACLTagStrategy
, name
); });
158 RegisterMaker("note", [](TypeName name
)->ACL
* { return new ACLStrategised
<NotePairs::Entry
*>(new ACLNoteData
, new ACLNoteStrategy
, name
); });
159 RegisterMaker("annotate_client", [](TypeName name
)->ACL
* { return new ACLStrategised
<NotePairs::Entry
*>(new ACLAnnotationData
, new ACLAnnotateClientStrategy
, name
); });
160 RegisterMaker("annotate_transaction", [](TypeName name
)->ACL
* { return new ACLStrategised
<NotePairs::Entry
*>(new ACLAnnotationData
, new ACLAnnotateTransactionStrategy
, name
); });
161 RegisterMaker("has", [](TypeName name
)->ACL
* {return new ACLStrategised
<ACLChecklist
*>(new ACLHasComponentData
, new ACLHasComponentStrategy
, name
); });
162 RegisterMaker("transaction_initiator", [](TypeName name
)->ACL
* {return new TransactionInitiator(name
);});
164 #if USE_LIBNETFILTERCONNTRACK
165 RegisterMaker("clientside_mark", [](TypeName name
)->ACL
* { return new Acl::ConnMark
; });
169 RegisterMaker("ssl_error", [](TypeName name
)->ACL
* { return new ACLStrategised
<const Security::CertErrors
*>(new ACLSslErrorData
, new ACLSslErrorStrategy
, name
); });
170 RegisterMaker("user_cert", [](TypeName name
)->ACL
* { return new ACLStrategised
<X509
*>(new ACLCertificateData(Ssl::GetX509UserAttribute
, "*"), new ACLCertificateStrategy
, name
); });
171 RegisterMaker("ca_cert", [](TypeName name
)->ACL
* { return new ACLStrategised
<X509
*>(new ACLCertificateData(Ssl::GetX509CAAttribute
, "*"), new ACLCertificateStrategy
, name
); });
172 RegisterMaker("server_cert_fingerprint", [](TypeName name
)->ACL
* { return new ACLStrategised
<X509
*>(new ACLCertificateData(Ssl::GetX509Fingerprint
, "-sha1", true), new ACLServerCertificateStrategy
, name
); });
173 RegisterMaker("at_step", [](TypeName name
)->ACL
* { return new ACLStrategised
<Ssl::BumpStep
>(new ACLAtStepData
, new ACLAtStepStrategy
, name
); });
174 RegisterMaker("ssl::server_name", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLServerNameData
, new ACLServerNameStrategy
, name
); });
175 RegisterMaker("ssl::server_name_regex", [](TypeName name
)->ACL
* { return new ACLStrategised
<char const *>(new ACLRegexData
, new ACLServerNameStrategy
, name
); });
179 RegisterMaker("arp", [](TypeName name
)->ACL
* { return new ACLARP(name
); });
180 RegisterMaker("eui64", [](TypeName name
)->ACL
* { return new ACLEui64(name
); });
184 RegisterMaker("ident", [](TypeName name
)->ACL
* { return new ACLIdent(new ACLUserData
, name
); });
185 RegisterMaker("ident_regex", [](TypeName name
)->ACL
* { return new ACLIdent(new ACLRegexData
, name
); });
189 RegisterMaker("ext_user", [](TypeName name
)->ACL
* { return new ACLExtUser(new ACLUserData
, name
); });
190 RegisterMaker("ext_user_regex", [](TypeName name
)->ACL
* { return new ACLExtUser(new ACLRegexData
, name
); });
191 RegisterMaker("proxy_auth", [](TypeName name
)->ACL
* { return new ACLProxyAuth(new ACLUserData
, name
); });
192 RegisterMaker("proxy_auth_regex", [](TypeName name
)->ACL
* { return new ACLProxyAuth(new ACLRegexData
, name
); });
193 RegisterMaker("max_user_ip", [](TypeName name
)->ACL
* { return new ACLMaxUserIP(name
); });
197 RegisterMaker("adaptation_service", [](TypeName name
)->ACL
* { return new ACLStrategised
<const char *>(new ACLAdaptationServiceData
, new ACLAdaptationServiceStrategy
, name
); });
201 RegisterMaker("snmp_community", [](TypeName name
)->ACL
* { return new ACLStrategised
<const char *>(new ACLStringData
, new ACLSNMPCommunityStrategy
, name
); });